[Firewall] some help with firewall on debian lenny

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Mon Mar 2 09:03:28 CET 2009


I guess obsolete is not the right word. Personally I like all the 
firewall/forwarding stuff to be in one place: my firewall. But one can 
only do this when you have a router which is capable of bridging, if it 
can't do this it's pretty much useless to have the Linux machine do the 
forwarding as you need to tell the router to forward all the ports anyway...

a.

rodger ellis wrote:
> Thanks for your feedback Arno
> 
> I think when I use apt-get it will install an older version
> butstill ok, my concern is that before apt sets the firewall up
> it will ask some questions i hope I can answer them.
> So will the port forwarding in my router now become obsolete?
> 
> rodger
> ps: I saw this link for a howto on your web site
> http://www.rexx.com/%7Edkuhlman/iptables_install.html
> 
> -------- Original-Nachricht --------
>> Datum: Sat, 28 Feb 2009 10:52:06 +0100
>> Von: Arno van Amersfoort <arnova at rocky.eld.leidenuniv.nl>
>> An: Arno\'s IPTABLES firewall script <firewall at rocky.eld.leidenuniv.nl>
>> Betreff: Re: [Firewall] some help with firewall on debian lenny
> 
>> You basically have all the info to get my firewall going. Create NAT 
>> forwards for the forward ports and open up port 25 for smtp. You 
>> certainly don't want to open the 10024:10025 ports. The conf is well 
>> commented so you should be able to figure out the rest yourself...
>>
>> a.
>>
>> rodger ellis wrote:
>>> I am going to install the firewall on debian lenny server which is on
>> vmware workstation
>>> (xp host) I have some questions and so feedback would be helpful:
>>>
>>>
>>> In the router i have forwared ports 22, 25 , 80 and 443
>>> i have also forwad port range 33434-33534 UDP
>>>
>>> I will host my own web page
>>>
>>> Postfix (master) listening on port 25 (smtp) and 10025, and amavisd-new
>> on port 10024
>>> I have thought about useing a custom script but to be honest its very
>> complicated
>>> so I want to know what should be amended when i install the firwall with
>>> apt-get 
>>>
>>> I have configured the lenny server to have a static ip which is
>> 192.168.1.10
>>> rodger
>> -- 
>> Arno van Amersfoort
>> E-mail    : arnova at rocky.eld.leidenuniv.nl
>> Donations are welcome through Paypal!
>> ---------------------------------------------------------------------------
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
>> _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
> 

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list